Netsparker web application security scanners use a wide and ever growing range of security checks to test for vulnerabilities in a scan. The Netsparker Standard 5.5 November 2019 Update introduced a new BREACH Attack security check that is enabled by default. Read More
Netsparker CEO Ferruh Mavituna is interviewed on Enterprise Security Weekly about how to start building a realistic web security program in enterprises. He discusses the shift-left approach by which security is built into the application at an earlier stage, and how to reach this stage in a safe, prioritized and persuasive way. Read More
It is vital that security measures, including web application security scanning, play an early role in the software development life cycle. This article summarizes a podcast discussion in which Netsparker CEO Ferruh Mavituna talks about the place of security testing in the SDLC and how companies can achieve this integration with maximum success. Read More
This blog post summarizes a security talk given by CEO, Ferruh Mavituna, about scaling-up and automating web application security. Ferruh discusses the stages of vulnerability detection, website and vulnerability categories, the benefits and limits of automation, pre and post-scan challenges to automation, and the elimination of false positives. Read More
Enis Hulli from Glocal interviews Netsparker CEO Ferruh Mavituna on what inspired him to start Netsparker, and the key points in Netsparker’s development from startup to market leader. Ferruh plots Netsparker’s target market, biggest competitors, current traction and future prospects. They also examine current security needs of tech companies. Read More
Netsparker CEO Ferruh Mavituna is interviewed on Business Security Weekly about the importance of an asset discovery service. He discusses the need for a multi-layered approach, the place of discovery in the SDLC, the use of Netsparker as a pre-purchase software check, the importance of visibility and accountability, and the need for automation. Read More
Netsparker security researcher Sven Morgenroth was interviewed on Application Security Weekly #60 to discuss how to build applications that are secure by default, so that some of the most common vulnerabilities are automatically avoided. Read More
Ferruh Mavituna is interviewed about Netsparker by Help Net Security. The interview focuses on how Netsparker accurately identifies web application vulnerabilities without false positives using its unique Proof-Based technology, prioritizes fixes, prevents bottlenecks in development, discovers services, and deals with the growing problem of scalability. Read More
In episode #584 of Paul's Security Weekly, Sven Morgenroth, a Netsparker security researcher, discusses PHP Object injection vulnerabilities and explains the dangers of PHP's unserialize function. Sven provides background on PHP Objects, demos how to write an exploit for a PHP Object Injection vulnerability, and explains how to prevent them. Read More
At the end of 2018, PHP will stop security updates and support for some of its previous versions. This will expose hundreds of millions of websites to serious risk in terms of sites hacked, user details stolen, and massive fines. You need to update, and use systems that allow you to deploy only new versions of PHP by default. Read More
RESOURCES
USE CASES
WEB SECURITY
